#openstack-meeting log

21:00:46 <oneswig> #startmeeting scientific-sig
21:00:47 <openstack> Meeting started Tue May 26 21:00:46 2020 UTC and is due to finish in 60 minutes.  The chair is oneswig. Information about MeetBot at http://wiki.debian.org/MeetBot.
21:00:48 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
21:00:50 <openstack> The meeting name has been set to 'scientific_sig'
21:00:56 <oneswig> Let's roll
21:01:10 <oneswig> hi all
21:01:33 <trandles> Hi there
21:01:48 <oneswig> hi trandles
21:03:26 <oneswig> Sad to see the news about Rich Brueckner
21:03:36 <trandles> That came as a shock.
21:03:51 <rbudden> hello
21:03:56 <oneswig> hi rbudden
21:04:14 <martial> Hello :)
21:04:34 <oneswig> Hi martial
21:04:37 <oneswig> #chair martial
21:04:39 <openstack> Current chairs: martial oneswig
21:05:51 <oneswig> I am not sure I ever spoke to Rich but I saw him around, he seemed to be at all the conferences.  Which must have been hard work for him.
21:07:23 <oneswig> OK I think we should cover PTG planning.
21:07:35 <oneswig> #topic ptg planning
21:08:03 <oneswig> We have two hours earlier and two hours later next Tuesday.
21:08:18 <oneswig> brb
21:10:13 <oneswig> I think this is an opportunity to try and fix some pain points, or at least spend a couple of hours actually moving them forwards
21:10:36 <martial> logistic wise, what time did we get?
21:10:42 <trandles> What specifically are the hot topic items?
21:11:20 <martial> are we setting up any additional tools to work with the remote teams?
21:11:51 <oneswig> I'll get the times, 1 sec
21:12:37 <oneswig> #link ptg schedule https://object-storage-ca-ymq-1.vexxhost.net/swift/v1/6e4619c416ff4bd19e1c087f27a43eea/www-assets-prod/ptg/PTG2020-Schedule.pdf
21:13:00 <trandles> I see that the Vancouver link on the openstack site now goes to a different opendev 3-part series rather than next week's PTG
21:13:40 <oneswig> Kick-off for us is 2 hours on Tuesday 15:00 UTC, then back for 2 more hours at 2100 UTC (this time)
21:14:15 <oneswig> Apologies, it's Monday, not Tuesday
21:14:17 <oneswig> My mistake
21:15:00 <trandles> Good times for me, 0900-1100 and 1500-1700 :D
21:16:04 <diablo_rojo_phon> trandles: try openstack.org/ptg
21:16:07 <janders> the second time slot is a life-saver for my timezone :)
21:16:47 <trandles> diablo_rojo_phon, +1 Thanks!
21:17:28 <oneswig> We aim to please trandles janders, over here the second slot is almost too late for the virtual beer Tim suggested :-)
21:17:53 <oneswig> But I'm sure I'll cope...
21:19:03 <martial> or too early :)
21:20:00 <oneswig> Are people happy with a Zoom session or is there a need for something else?
21:20:37 <trandles> I'm allowed to do zoom as long as web browser is supported. I've had vendors require the app and that's verboten on my work computer.
21:21:03 <rbudden> ditto here
21:22:16 <martial> diablo_rojo_phon: asking you re the above?
21:22:28 <martial> tim/bob: anything else you can use?
21:22:50 <trandles> Skype, Webex, bluejeans, google meet...pretty much anything but zoom
21:23:51 <rbudden> I can fire up the personal laptop if it’s easier, but yeah, as trandles said, it’s largely anything but Zoom
21:24:08 <martial> I can set a Google Meet if needed
21:24:52 <trandles> I can steal Lucy's laptop for zoom if that's easier for everyone else.
21:25:18 <martial> Kendall sent us a link last week about https://meetpad.opendev.org/
21:25:39 <martial> that uses "Jitsi"
21:26:43 <martial> give me a sec, to set up both google meet
21:27:21 <trandles> I'll just use Lucy's laptop. My laptop has had the camera and microphone hardware destroyed so I'd also have to be able to call in using a phone.
21:27:49 <trandles> I have workarounds, pick something everyone else is happy with.
21:28:24 <diablo_rojo_phon> You are welcome to use meetpad too it's just more experimental. We tried to stick to options that fit our requirements.
21:28:48 <diablo_rojo_phon> And tried to narrow options so we can have a more cohesive event.
21:29:33 <oneswig> Hopefully we will settle on something that works quickly but it's going to be hard to do in advance unless the people who need to fall back to BYOD
21:31:01 <diablo_rojo_phon> We'll have details out in the next day or two for testing zoom. Meetpad is available for testing now.
21:31:03 <martial> Google Meet setup ... up to 250 people
21:31:34 <diablo_rojo_phon> Be aware that using Google meet will keep anyone from China from being able to participate.
21:32:17 <trandles> The Venn diagram of conferencing tools and countries has a big hole in the middle of it. :P
21:32:36 <diablo_rojo_phon> Zoom works in China which is why we selected it.
21:32:46 <diablo_rojo_phon> Meetpad does as well.
21:33:40 <martial> Tim and Stig should have received the first invite but if I did it right 1100-1300 EST ( 1500-1700 UTC)
21:34:10 <martial> I have a link if we decide to us it
21:34:18 <trandles> IIRC Zoom doesn't work from India
21:34:19 <martial> (Setting up No 2)
21:35:26 <diablo_rojo_phon> It is available as far as I know, it's just noted that it shouldn't be used by government officials.
21:35:38 <diablo_rojo_phon> But I'd argue Google meet shouldn't either ;)
21:36:21 <trandles> Got the invites martial
21:36:27 <martial> 2/2 setup
21:37:26 <martial> Stig, what do you think re: Google Meet vs ...
21:37:39 <oneswig> thanks diablo_rojo_phon - hard to please the entire world it seems
21:37:55 <martial> thanks Kendall, sorry for the chaos :)
21:38:48 <diablo_rojo_phon> It's alright. We knew there would be a lot of debate, just trying to help people understand why we made the decisions we did. Open communication and all that :)
21:39:27 <martial> 👍
21:39:27 <oneswig> martial: we use google meet for our work, it functions.  Zoom is better.  If trandles and rbudden can source hardware that works, I'm in favour of sticking with the zoom for the virtual room.
21:40:01 <oneswig> But if they can't I'm in favour of providing an alternative
21:40:13 <trandles> oneswig, martial I can get a non-work laptop to use
21:40:17 <martial> kendall: they said they can join zoom "as long as they can join from the web browser"
21:40:24 <martial> how can we test?
21:40:33 <jmlowe> I'm good with whatever
21:41:03 <diablo_rojo_phon> I'll get the link and details out tomorrow martial we are configuring everything and doing our own testing today.
21:41:12 <martial> perfect
21:41:30 <martial> Stig, let's test tomorrow and then we can see what works :)
21:41:49 <martial> Thanks Kendall :)
21:42:02 <oneswig> In the manner of dining philosophers we are focusing on the cutlery rather than the main event :-)
21:42:16 <martial> true :)
21:42:18 <trandles> I'm available to test if it'll help. martial or oneswig can ping me on slack when it's time
21:42:32 <oneswig> thanks trandles that would be good
21:42:59 <oneswig> trandles: what's in your in-tray for Ironic these days?
21:43:18 <rbudden> i’m happy to test as well if needed
21:43:39 <trandles> Getting back to working with Ironic would be great. I need to find the time. It looks like we'll be making an offer for our cloud architect position soon so hopefully that frees me up some to work on other things.
21:43:49 <oneswig> I think I will bring the exercise of getting my efforts on vf-lag into the open.
21:44:11 <trandles> oneswig, has Kitrick done anything with Ironic recently?
21:45:02 <oneswig> trandles: not specifically on Ironic but he's got a few things going on.  Some of this work with SDN and RDMA has him behind it.
21:46:37 <oneswig> trandles: did you ever get the Ironic boot-to-ramdisk into service?
21:47:17 <trandles> Got 90% of the way there. I had issues with my image and not necessarily with Ironic. In the midst of debugging I ran out of time
21:48:03 <oneswig> I see the PTG as the place for that kind of rainy-day activity
21:48:22 <janders> interesting! :)  are there any publicly available resources on the SDN/RDMA work mentioned?
21:48:42 <janders> I also have an AOB question:
21:48:54 <oneswig> janders: no alas, but perhaps that can be fixed.
21:49:06 <trandles> Do we have a sense of how well the Scientific SIG has been able to influence things to address our specific concerns?
21:49:24 <janders> do any of you have experience HPC-aware security auditors?
21:50:11 <oneswig> hot topic right now!
21:50:47 <janders> we're looking at improving our security posture across the board and the guys we're working with are good with enterprise but some of their ideas are really causing havoc on the HPC side
21:50:51 <oneswig> trandles: depends on the project but the Ironic team I think have been really receptive
21:50:59 <trandles> oneswig, I agree
21:51:10 <trandles> I haven't held up my end of that relationship
21:51:29 <martial> Stig: we can jump on their PTG too to discuss this :)
21:51:35 <janders> +1 for Ironic guys taking our feedback on board
21:52:11 <oneswig> There's been a few cores/ptls from different projects who have joined the discussion here, and I think that is great.
21:52:25 <trandles> janders, perpetual problem. We've had success hiring an enterprise security guy, training him up on HPC, and having him interface with auditors.
21:52:29 <martial> 👍 go OpenStack teams!
21:53:30 <oneswig> janders: Is your team ISO27001 certified?  If not you're at risk of your consultants advising that as low-hanging fruit.  You'll want more than that from the fee.
21:54:07 <janders> no, we are not
21:54:57 <janders> yeah I was thinking if we can find an organisation which specialises in designing HPC systems with security in mind we'll get heaps more value out of that
21:55:11 <janders> so I was wondering if any of you ever worked with anyone like that
21:57:09 <oneswig> The UK national tier-1 Cray system (ARCHER) was affected in the recent issues with ssh vulnerabilities.
21:58:06 <oneswig> ... along with plenty of others.  The people who didn't get hit are those who assiduously patch their systems.
21:59:18 <janders> true - yet on the other hand many HPC bits aren't really designed with this in mind
21:59:42 <janders> rolling updates occasionally break certain jobs
21:59:46 <martial> running low on time, so plan for tomorrow is after we get the zoom info to test it out with tim
21:59:47 <trandles> I wonder when folks will start disallowing key-based authentication?
22:00:11 <oneswig> <discuss for 60 seconds or less...>
22:00:20 <janders> I wonder what hardening-friendly cluster management solutions are out there
22:00:26 <janders> I suppose that's something for another time
22:00:28 <oneswig> ah, time's up :-)
22:00:29 <janders> thanks all! :)
22:00:41 <trandles> Monday!
22:00:43 <oneswig> But this is another interesting topic for next week, perhaps!
22:00:52 <oneswig> See y'all on Monday
22:00:55 <oneswig> #endmeeting